Microsoft announced that on 1st September 2020 that they were rolling out the functions for external email forwarding controls to customers with an Office 365 Advanced Threat Protection (ATP) License. (Microsoft article MC220853)
External forwarding of emails is a known tactic which is used by attackers to extract data from organisations/companies which makes controling the process difficult. With the new feature added it means that Microsfot are adding support for the more smaller controls which allows administraors of Office 365 to easily enable the external forwarding of mail for the right people within the company/organisation through the outbound spam policy. Microsoft have also announced that they will also be moving forward to disable external forwarding by default therefore organisations will be secure by default.
You might ask ‘Am i impacted? ‘
If you have an ATP license and are using the defualt outbound spam policy or any other outbound policy for that matter then yes you will be impacted.
Microsoft does also show this option for non ATP licensees however, that doesnt mean these people will also be impacted once the change over is complete. Microsoft have only stated that this is an ATP functionality meaning that the forwarding option therefore shouldn’t be available in the outbound spam policy for non ATP licensees. (In other words all non ATP licensees be aware of this just in case!)
The Microsft message centre have noted the following communication:
No action is needed if you don’t want to allow any users to automatically forward messages externally or if no one in your tenant is currently doing so. Additionally, we understand that some organizations already have users automatically forwarding messages outside the organization and we will provide additional time and communications to enable transition to the new policy controls. For these organisations we will communicate via Message center with more details on when the change will impact your specific tenant.
How to lighten the impact of this new function?
All ATP license holders can ensure that their exception lists still allow the automatic forwarding of mail, create a new outbound Anti-Spam policy and also ensure that you have enabled automatic forwarding.
This is undoubtedly a change that will impact all customers who currently have scenario’s which allows for this automatic forwarding of mail. All customers need to ensure that they are ready for this change when Microsoft implements this change.
Non ATP customers – Microsoft haven’t really explained how this will affect you since this option is also avaiable for yourselves as well. The best thing to do is to verify the impact of the change when it happens just to be sure.
The following link explains it in a bit more detail if you would like to know more.